I have a new Dell laptop that I’ve had for about 3 months now. I usually use Norton to protect my computer but since yesterday it kept alerting and quarantining a virus called Infostealer.Snifula.B. The pop up comes up every few minutes and makes me feel worried. Will the virus steal my information? Why Norton cannot get rid of it completely? I searched on the web and found some ways to delete the virus, but none of them worked. Other programs even cannot detect this virus. What should I do?
Infosealer.Snifula.B is a Trojan that aims to steal information on the infected computer and it also downloads and executes files from the Internet without any knowledge. Just like any other data-gathering malware, this threat was made to steal user’s name, password, online credentials, or any desired data that arranged on its code. It also has the ability to record hardware and software data, install potentially unwanted programs and disable security programs on the infected PC. The virus represents a high risk for all the PC users. It can perform many bad behaviors as followed:
1. It runs every time your system starts up because it can add malicious codes and its own start-up registry entries once downloaded.
2. It can change your browser settings and then harass you with endless pop-up or pop-under adverts for goods or services that you probably have little to no interest in during your online activities.
3. It slows down your computer and may probably interrupt your Internet connectivity.
4. It may monitor web-browsing activity of the user and redirect users to all kinds of ad sites against their wills.
…
Normally, Infosealer.Snifula.B gets into user’s computer via spam email as its attachment. It can be sent as a misleading letter from a known person or company. The content of the email tries to draw user’s attention to operate its attached file. Website is another way to spread this Trojan. Usually, users will be redirected to compromised and unknown website to download the Trojan program. And misleading advertisements also can be a way to drop this nasty virus. It is important to know that a Trojan can steal sensitive information that are stored on the PC without user’s knowledge. To avoid money loss and computer crash, it is necessary to remove Infostealer.Snifula.B virus from the computer.
Slow down your PC speed notably.
Add other dangerous Trojan or Spyware to your system secretly.
Allow the hacker to access your entire system.
Collect all your personal information and transfer to a remote hacker.
Destroy critical system files and make PC unstable.
From malicious drive-by-download scripts from corrupted porn and shareware / freeware websites.
Through spam email attachments, media downloads and social networks.
When clicking suspicious pop-ups or malicious links.
Open unknown email or download media files that contain the activation code of the virus.
Note: No matter how the virus accesses your PC, users should know that there are no tools can remove this pesky Trojan automatically at this moment, it is suggested users not spend much time in downloading or paying any security software which claims can delete this stubborn virus. It is totally useless. To completely get rid of Infostealer.Snifula.B, professional manual guide is needed.
Currently many computer users had the same experience that this virus couldn’t be removed by any anti-virus applications. So the manual approach is always required to combat this virus. And here is the step-by-step removal guide for all computer users.
1. End the malicious process from Task Manager.
Once Infostealer.Snifula.B virus is installed, computer user may notice that CPU usage randomly jumps to 100 percent. At any time Windows always has many running processes. A process is an individual task that the computer runs. In general, the more processes, the more work the computer has to do and the slower it will run. If your system’s CPU spike is constant and remain at a constant 90-95%, users should check from Task Manager and see if there is a suspicious process occupying system resources and then end it immediately.
(The name of the virus process can be random.)
Press Ctrl+Shift+Esc to quickly bring up Task Manager Window:
2. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
3. Open Registry entries. Find out the malicious files and entries and then delete all.
Attention: Always be sure to back up your PC before making any changes.
a. Press Windows key + R to open Run box. In the “Open” field, type “regedit” and click the “OK” button.
Then a Registry Editor window will pop up as the following picture shows:
b. Search malicious files and registry entries and then remove all of them:
%AllUsersProfile%\[random]
%AppData%\Roaming\Microsoft\Windows\Templates\[random]
%AllUsersProfile%\Application Data\.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\[random]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Temp
Infostealer.Snifula.B is a dangerous Trojan detected by Norton 360 that can carry out many damaging actions on the corrupted PC. Although it is not a new virus, it still target every computer users that range from individual, educational institutions, up to known organizations nowadays. When this virus is executed, it will create many junk files under Windows folder. In addition, it will arrange a start-up process by injecting registry entries without user’s notice. This threat constantly connects to a remote server in order to download more malware. Changes are also made to Windows firewall to allow network traffic that is required for Infostealer.Snifula.B to send gathered data to a remote computer. Running processes that are relevant to security software will also be disabled by this threat to avoid detection and removal. The virus is highly dangerous and the hacker behind can know all of your information and use your information to do everything he wants with the help of this virus, therefore you have to get rid of it manually as fast as possible.
Note: If you are not knowledgeable enough to be able to distinguish the location of this virus, or you are afraid of making mistake during the manual removal, please contact experts from Yoocare Online Tech Support for further help.
Published by & last updated on March 14, 2015 1:07 am
Leave a Reply
You must be logged in to post a comment.